Re: [PATCH] net/packet: check length in getsockopt() called with PACKET_HDRLEN

From: David Miller
Date: Tue Apr 25 2017 - 14:06:25 EST

Next message: Ard Biesheuvel: "Re: [PATCH v2] crypto: arm64/sha: Add constant operand modifier to ASM_EXPORT"
Previous message: Russell King - ARM Linux: "Re: [RFC PATCH] drivers: dma-mapping: Do not attempt to create a scatterlist for from_coherent buffers"
In reply to: Alexander Potapenko: "[PATCH] net/packet: check length in getsockopt() called with PACKET_HDRLEN"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

From: Alexander Potapenko <glider@xxxxxxxxxx>
Date: Tue, 25 Apr 2017 18:51:46 +0200

> In the case getsockopt() is called with PACKET_HDRLEN and optlen < 4
> |val| remains uninitialized and the syscall may behave differently
> depending on its value, and even copy garbage to userspace on certain
> architectures. To fix this we now return -EINVAL if optlen is too small.
>
> This bug has been detected with KMSAN.
>
> Signed-off-by: Alexander Potapenko <glider@xxxxxxxxxx>

Applied, thanks.

Next message: Ard Biesheuvel: "Re: [PATCH v2] crypto: arm64/sha: Add constant operand modifier to ASM_EXPORT"
Previous message: Russell King - ARM Linux: "Re: [RFC PATCH] drivers: dma-mapping: Do not attempt to create a scatterlist for from_coherent buffers"
In reply to: Alexander Potapenko: "[PATCH] net/packet: check length in getsockopt() called with PACKET_HDRLEN"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]